const { errorResponse } = require('../utils/response');
const AdminService = require('../services/admin.service');

module.exports = (permission) => {
    return async (req, res, next) => {
        try {
            // 从请求中获取管理员ID
            const adminId = req.admin.id;

            // 检查权限
            const hasPermission = await AdminService.checkPermission(adminId, permission);

            if (!hasPermission) {
                return errorResponse(res, '权限不足', 403);
            }

            next();
        } catch (error) {
            return errorResponse(res, error.message);
        }
    };
};